1 results (0.004 seconds)
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-5601 – WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-5601
16 Oct 2023 — The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE. El complemento WooCommerce Ninja Forms Product Add-ons para WordPress anterior a 1.7.1 no valida el archivo que se va a cargar, lo que permite que cualquier usuario no autenticado cargue archivos arbitrarios en el servidor, lo que lleva a RCE. The WooCommerce Ninja Forms Product Add-ons plugin for Word... • https://github.com/codeb0ss/CVE-2023-5601-PoC • CWE-434: Unrestricted Upload of File with Dangerous Type •